Sabotage laws give Dutton new powers over energy, port facilities

More than 165 power plants, gas works, water facilities and ports have been identified as critical enough to the nation that Home Affairs Minister Peter Dutton can step in and compel the operators to improve their defences against sabotage and spying.

So-called “critical infrastructure” protection has emerged as one of the most pressing priorities of governments around the world as ports, dams, power grids and other utilities are increasingly connected to the web and are either foreign-owned or are run on systems built with parts from international supply chains.

Recent cases such as a Russia-based attack on Ukraine’s power grid two days before Christmas in 2015 have underscored the extent to which critical infrastructure assets are natural targets of crippling attacks by hostile foreign governments, terrorists and cybercriminals.

Power plants are among the more than 165 critical infrastructure assets that need protecting.Credit:Fairfax Media

Under laws that have taken effect this week, Home Affairs Minister Peter Dutton will have a last-resort power to intervene and demand critical infrastructure operators take necessary steps to mitigate national security threats if they are not already doing so.

Advertisement

The new Security of Critical Infrastructure Act will also create a register of the highest-risk assets that gives operators six months to provide the government with detailed information on who owns, controls and has access to the infrastructure and its systems.

Mr Dutton said the new laws would help guard against the threats of sabotage, espionage and coercion.

Loading

“While foreign involvement in Australia’s infrastructure and economy is welcome, it does mean our critical infrastructure assets are potentially more exposed than ever,” he said.

He said the new laws would give the government “visibility of who owns and controls the highest-risk critical assets”.

Mr Dutton’s office has revealed to Fairfax Media that more than 165 assets in the electricity, gas, water and ports sectors across the country have been identified by security agencies as falling under the law’s definition of critical assets based on their size and structure.

The government will not release the list on the grounds that identifying any particular asset could make it more of a target.

The new ministerial intervention powers would be in place as a last resort, if the owner or operator is refusing to put security measures in place and if a state government doesn’t have the regulatory power to compel them to act. In the first instance, operators and state governments would always be consulted.

The government would only step in if ASIO has made an adverse security assessment of the infrastructure asset.

Home Affairs Minister Peter Dutton will have new powers under the laws.Credit:AAP

Mr Dutton’s department will have the power to ask for further information from owners and operators as needed. This information would be provided to the Critical Infrastructure Centre, which was established last year to co-ordinate the protection of major assets.

Telecommunications assets are not included in the figure of 165 assets because they are covered by a separate law, which was passed last year. The telecommunications sector security reforms law demands that telco operators maintain “competent supervision” and “effective control” over their networks and their security.

British and US authorities issued an extraordinary joint statement in April warning that Russia was preparing to mount cyber attacks on critical infrastructure.

Australia's security establishment is understood to be looking closely at Britain's model of national cyber security to protect critical infrastructure. While operators are regarded as being chiefly responsible for their own cyber security, government agencies could in future become more actively involved, including potentially carrying out unannounced penetration tests to see if private networks are sufficiently robust.

The Turnbull government recently toughened sabotage laws to include jail terms of up to 15 years for foreign-backed saboteurs who plant sleeper bugs in critical infrastructure that could be mobilised to wreak havoc in the event of a war with Australia.